Press Releases: April 2013

Annual Report Recognizes Service Providers' Commitment to Users in the Face of Government Data Demands

San Francisco - As you search the Internet, visit websites, and update your social media accounts, you entrust a wealth of data to service providers: your thoughts, your photos, your location, and much more. What happens when the government wants access to all of this information, held by companies like Google and Facebook and AT&T? Will these providers help you fight back against unfair demands for data about your private life?

Today the Electronic Frontier Foundation (EFF) releases its third annual report, "Who Has Your Back?," which looks at major technology service providers' commitment to users' rights in the face of government data demands. EFF's report examines 18 companies' terms of service, privacy policies, advocacy, and courtroom track records, awarding up to six gold stars for best practices in categories like "require a warrant for content," "tell users about government data demands," and "publish transparency reports."

"Transparency reports have become an industry standard practice among major technology companies since we started issuing this report in 2011," said EFF Senior Staff Attorney Marcia Hofmann. "Through those reports, we've learned more about law enforcement requests for user data. We publish this annual report to encourage companies to let users know how data flows to the government, and to encourage companies to stand up for their users."

EFF's report shows that more and more Internet companies are formally promising to give users notice about law enforcement requests for information unless prohibited by law or court order. We also found a dramatic increase in the number of companies publishing law enforcement guidelines for making data requests. This year, two companies—Twitter and Sonic.net—received a full six stars, while Verizon earned no stars.

"There's a lot to celebrate in this report, but also plenty of room for improvement," said EFF Staff Attorney Nate Cardozo. "Service providers hold huge amounts of our personal data, and the government shouldn't be able to fish around in this information without good reason and a court making sure there's no abuse. This report should be a wake-up call to Internet users that they need more protection from the companies they trust with their digital communications."

Update:The original version of this press release said that Myspace did not receive any stars. However, since the publication of our original report, a representative from the company has notified us about previously published law enforcement guidelines and a court case in which Myspace fought for the rights of its users. Because those guidelines and court filings are publicly available, and because the guidelines make clear that Myspace requires a warrant for the content of communications, we have amended our report to give Myspace the three relevant stars.

EFF Outlines Five Ways the FAA Can Protect the Public and Ensure Transparency

San Francisco - The Federal Aviation Administration's (FAA's) proposed privacy requirements for domestic drone test sites are not robust enough to protect the public, the Electronic Frontier Foundation (EFF) argues in its official comments filed with the agency this week. EFF Staff Attorney Jennifer Lynch outlines five key recommendations to safeguard privacy and civil liberties while allowing unmanned-aerial-system operators to explore the potentials of the emerging technology.

"When it comes to drones, the FAA needs to examine privacy issues with the same rigor it applies to flight and mechanical safety," said Lynch, who has filed two successful lawsuits against the federal government over drone-related Freedom of Information Act requests. "Just as vague safety regulations for drones could result in damage to life or property, vague privacy measures could harm civil liberties."

President Barack Obama signed the FAA Modernization and Reform Act last year, which included a requirement that the agency start the process of integrating drones into the National Airspace system through a test-site program. The FAA plans to authorize six separate test sites for drones in the U.S. Mindful of the growing public interest in the civil-liberties implications of domestic aerial surveillance, the FAA recently released proposed privacy requirements for operators of these sites. However, the FAA's proposal falls short of truly protecting privacy for members of the general public who may be caught by the drones' surveillance cameras during test flights.

In the comments submitted today, EFF says:

1. The FAA should develop a model privacy policy and provide it to test-site operators.

2. Test-site operators should be required to report the surveillance and data-capturing capabilities of each drone.

3. Test-site operators should measure the surveillance capabilities and limits for each drone.

4. The FAA should not limit its privacy-protecting regulations to the test-site program but should extend them across its entire drone authorization process.

5. The public must have meaningful access to the wealth of drone data collected by the FAA.

"We're looking for specificity and transparency," Lynch said. "Testing sites should not only disclose what data they plan to collect, but what kind of data these drones are capable of collecting. And the public should have access to that information."

EFF Fights for Cell Phone Privacy in Washington State

San Francisco - The Electronic Frontier Foundation (EFF) urged the Washington State Supreme Court Monday to recognize that text messages are "the 21st Century phone call" and require that law enforcement officers obtain a warrant before reading texts on someone's phone.

"Text messages are a ubiquitous form of communication, and their context can be as private as any telephone conversation," said EFF Staff Attorney Hanni Fakhoury. "We use texts to talk to our wives and husbands, our kids, our co-workers, and more. Police should not be able to sift through these personal exchanges on a whim – they must show probable cause and get a warrant before accessing this information."

In this case, police seized a cell phone during a drug investigation and monitored incoming messages. Officers responded to several texts, setting up meetings that resulted in two arrests, without first getting a warrant. Prosecutors have argued that no warrant was required because there should be no expectation of privacy in text messages, as anyone can pick up someone else's phone and read what's stored there. But in two related amicus briefs filed Monday, EFF argues that searching the phone for the texts without a warrant clearly violates the Constitution.

"The state argues that just because someone can intercept a communication, you should reasonably expect that communication to be intercepted. That's a dangerous way to interpret the Fourth Amendment," said Fakhoury. "The prosecutors' theory would eviscerate any privacy protections in the digital age. We're asking the Washington State Supreme Court here to recognize what's at stake and to require a warrant before allowing officers to read text messages on a cell phone."

Venkat Balasubramani of FOCAL PLLC in Seattle, Washington, served as EFF's local counsel in the cases.